Remote desktop server XRDP on Linux Mint, Ubuntu

If you’d like to access your Linux desktop over the network from anywhere in the world, or just want to share your computer’s resources on the LAN by giving all users accounts on your computer, you can set up a remote desktop server. It is quite easy to do so, and the best part is that it is compatible with the remote desktop client on Windows too, thanks to the software called XRDP which talks Remote Desktop Protocol (RDP).

Are you surprised that a blog that usually used to talk about Gentoo, is now posting about Ubuntu? Well, I made switch on my personal machine to Linux Mint Cinnamon because I was bored with Gentoo. I have nothing against Gentoo, and I still love it. It’s the perfect distribution if you want to customize your OS to the core.

If you are going with Linux Mint, I’d highly recommend the MATE desktop. MATE is basically a fork of the original GNOME 2 project. GNOME 3 / Cinnamon / Unity won’t work with XRDP because they rely on 3D graphics which is not possible (yet) on X11RDP or Xvnc (correct me if I’m wrong). You could also go with the other desktop environments like XFCE or LXDE if you prefer. Even KDE works fine in the remote desktop environment because it does not solely rely on 3D graphics.

Continue reading “Remote desktop server XRDP on Linux Mint, Ubuntu”

FreeBSD IPFW NAT and Jails

IPFW in FreeBSD has built-in support for NATing and the configuration syntax is same as that of natd. It took me quite some time to figure out how to NAT for jails while ensuring that certain jails can have public IPs.

Configure the nat on one of the IP addresses:

When using stateful firewall, the NAT rule for incoming traffic must appear before check-state:

Other rules (service ports) can be placed below this:

Then the NAT rule for outgoing traffic:

Notice above, I am NATing only traffic that comes from . I allocate jails an IP on that subnet (unless I need a public IP for the jail). If the source is not mentioned in the rule, it will NAT even public IPs!

And finally, the outgoing ports:

The catch here is that we jump to the NAT rule only if the traffic comes from . If the traffic is coming from somewhere else (for example, a public IP allocated to one of the jails), it will hit the second rule and directly allow it.

Make sure you have the rule to allow loX traffic if you have separate clone interfaces for each jail.

Final touches:

The firewall script ipfw.rules must to contain other rules for services, icmp, etc not mentioned here.
Everything working smoothly now – ip4 from private jails, ip4 and ip6 from others 😀

A Linux geek’s experience with Windows 8.1

End of October, my Nexus 4 died, apparently due to a bad battery. What happened was the phone switched off automatically (not the low battery switch off, but at some random % > 50) while using a couple of times. That ended up getting worse by corrupting something leaving the cell radio in a non working condition. There’s no IMEI number, no baseband version and any Android version > 4.2.2 doesn’t boot.

A bit of research on Google yielded not much information. I took it to the service centre and they told me the motherboard would’ve to be replaced which was costing me ₹10000. That’s too much to pay for a 2 year phone especially when you get a completely new phone for that price (well, may be a bit more than that). Meanwhile I found a thread on xda which revealed an de-bricking method using some proprietary LG tools, which unfortunately worked only on Windows. This was a big disappointment for me, but that’s well-known fact that Windows has more market share in PCs than anything else.

I had to try it anyhow, so I first tried playing with VirtualBox’s and QEMU-KVM’s USB Passthrough on my old Windows XP VM (I had it around for working on college stuff… education curriculum in India is highly closed source-agnostic, to the extent some computer engineers won’t even know that there exists an OS called GNU/Linux!), which failed. It works for simple storage devices though, but for some reason the serial device (it comes up as ttyACM0) in the download mode (in which mode the LG tool will send a firmware image) couldn’t be accessed properly in the virtual machine. So I decided to buy a Windows 8.1 key from Microsoft Store, I was kind of sceptical about Windows since I left it back in 2007 because of constantly nagging problems like malware, random slowdowns, freezes, etc and shifted to Linux. Thanks to my student account I was able to buy it at a discounted rate of ₹3499 as opposed to the usual rate of ₹19k for the Pro version. I also noticed that they have a 14 day return policy, so I was a bit okay with the spending.

My hardware configuration is pretty simple, I just have desktop with i5-4670, 8 GB Corsair, 1 Samsung SSD and 2 HDD (WD, Seagate). The HDDs are in RAID0 striping in Linux and deliver good performance compared to a single HDD (read speeds are around 190 MB/s). There are two reasons for having such a simple configuration – first, I don’t game and second, excellent Linux compatibility. I had a thought of gaming since a long time, but never had the courage to face Windows (well, after being used to Linux for 5+ years, I doubt anybody will) and hence never played games.

So, let’s put the hand in lion’s mouth.

Continue reading “A Linux geek’s experience with Windows 8.1”

FreeBSD ipfw: add_dyn_rule: Cannot allocate rule

One of the servers I run has FreeBSD 10. It hosts a high traffic Magento site. Magento being a very heavy application, requires a dedicated server. The site’s performance is very bad when it is hosted on VPS — or perhaps that depends on provider / needs tuning. Not my site. My task was to move it to dedicated server so I don’t have to consider all that stuff.

As someone new to FreeBSD, I try to stick to tools and utilities that are provided by FreeBSD itself and do not rely on those provided by other BSDs. This rule is quite flexible, but I can’t cite examples of relying on tools by other BSDs that I’m using right now. So, naturally, for firewall I chose IPFW which is FreeBSD’s own firewall. The other firewalls supported by FreeBSD are PF (which comes from OpenBSD) and IPFilter (which comes from NetBSD).

Continue reading “FreeBSD ipfw: add_dyn_rule: Cannot allocate rule”

A failed experiment with GlusterFS

GlusterFS is a clustered file system that can be used when you want to share the content across different machines which can be accomplished by NFS as well. But the difference is, NFS failover is hard.

In GlusterFS, you can add two servers known as bricks in Gluster’s terminology on which your volume can be created as a replica. All data is replicated to both the servers by Gluster. GlusterFS has support for advertising the volumes as NFS shares as well, but I didn’t use it because of the basic reason – failover.

Continue reading “A failed experiment with GlusterFS”